PostgreSQL is now a CVE Numbering Authority (CNA)

From: PostgreSQL Global Development Group <announce-noreply(at)postgresql(dot)org>
To: PostgreSQL Announce <pgsql-announce(at)lists(dot)postgresql(dot)org>
Subject: PostgreSQL is now a CVE Numbering Authority (CNA)
Date: 2024-01-18 20:00:39
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-announce

The PostgreSQL Security team is pleased to announce that PostgreSQL is now a CVE Numbering Authority (CNA). A CNA has responsibilities for assigning CVE IDs and participating in responsible disclosure with projects within its scope. You can find out more information about the role of PostgreSQL as a CNA on the [PostgreSQL security]( page:


The process for reporting a security vulnerability in PostgreSQL has not changed. If you believe you have discovered a security vulnerability in PostgreSQL, please send an email to [security(at)postgresql(dot)org](mailto:security(at)postgresql(dot)org). For more information on what is considered a vulnerability and the reporting process, please review the [PostgreSQL security]( page:


You can find the original announcement on PostgreSQL being added as a CNA on the CVE page:


Attachment Content-Type Size
image/png 20.7 KB

Browse pgsql-announce by date

  From Date Subject
Next Message CSPUG (Czech and Slovak PostgreSQL Users Group) via PostgreSQL Announce 2024-01-22 17:04:19 Prague PostgreSQL Developer Day 2024 / Call for Papers & Sponsors
Previous Message Nordic PGDay via PostgreSQL Announce 2024-01-17 13:32:33 Nordic PGDay 2024 - Schedule announced and open for registration